CrowdStrike, in collaboration with Google and Shadowserver, has dismantled a botnet known as Glassworm, which targeted open-source software developers. Over the past two years, this network deployed malware through developer accounts and code distribution channels to steal passwords and compromise over 300 GitHub repositories. The attackers used methods such as publishing malicious plugins, purchasing search ads to lure downloads, and taking over developer accounts with stolen credentials. The operation severed four command-and-control channels, including those using the Solana blockchain and BitTorrent network, reducing the attackers' ability to deploy additional malware. This action comes amid a rise in supply chain attacks on open-source projects, with recent incidents affecting developers and projects globally. The report also noted a similar attack in March linked to North Korean hackers, underscoring the increasing focus on developer accounts as prime targets.